From badbe7524e2f216e174df5507eb8f70671c2a626 Mon Sep 17 00:00:00 2001 From: Ryan Daum Date: Sat, 15 Feb 2025 13:46:07 -0500 Subject: [PATCH] Add `salt` builtin Note: Not compatible with function of same name in ToastStunt --- crates/compiler/src/builtins.rs | 7 ++++ crates/kernel/src/builtins/bf_strings.rs | 18 +++++++++- doc/builtin_functions_status.md | 45 ++++++++++++------------ 3 files changed, 47 insertions(+), 23 deletions(-) diff --git a/crates/compiler/src/builtins.rs b/crates/compiler/src/builtins.rs index 0a278f3a..fc4f60a8 100644 --- a/crates/compiler/src/builtins.rs +++ b/crates/compiler/src/builtins.rs @@ -1040,6 +1040,13 @@ fn mk_builtin_table() -> Vec { types: vec![Any], implemented: true, }, + Builtin { + name: Symbol::mk("salt"), + min_args: Q(0), + max_args: Q(0), + types: vec![], + implemented: true, + }, ] } diff --git a/crates/kernel/src/builtins/bf_strings.rs b/crates/kernel/src/builtins/bf_strings.rs index 4b35bc92..c3c3cc33 100644 --- a/crates/kernel/src/builtins/bf_strings.rs +++ b/crates/kernel/src/builtins/bf_strings.rs @@ -19,7 +19,7 @@ use moor_values::Error::{E_ARGS, E_INVARG, E_TYPE}; use moor_values::{v_int, v_str, v_string}; use moor_values::{Sequence, Variant}; use rand::distributions::Alphanumeric; -use rand::Rng; +use rand::{thread_rng, Rng}; use tracing::warn; use crate::bf_declare; @@ -168,6 +168,21 @@ fn bf_strcmp(bf_args: &mut BfCallState<'_>) -> Result { } bf_declare!(strcmp, bf_strcmp); +/// Generate a random cryptographically secure salt string, for use with crypt & argon2 +/// Note: This is not (for now) compatible with the `salt` function in ToastStunt, which takes +/// two arguments. +fn bf_salt(bf_args: &mut BfCallState<'_>) -> Result { + if !bf_args.args.is_empty() { + return Err(BfErr::Code(E_ARGS)); + } + + let mut rng_core = thread_rng(); + let salt = SaltString::generate(&mut rng_core); + let salt = v_str(salt.as_str()); + Ok(Ret(salt)) +} +bf_declare!(salt, bf_salt); + /* str crypt (str text [, str salt]) @@ -336,6 +351,7 @@ pub(crate) fn register_bf_strings(builtins: &mut [Box]) { builtins[offset_for_builtin("argon2_verify")] = Box::new(BfArgon2Verify {}); builtins[offset_for_builtin("string_hash")] = Box::new(BfStringHash {}); builtins[offset_for_builtin("binary_hash")] = Box::new(BfBinaryHash {}); + builtins[offset_for_builtin("salt")] = Box::new(BfSalt {}); } #[cfg(test)] diff --git a/doc/builtin_functions_status.md b/doc/builtin_functions_status.md index 54936bb4..771dc1ba 100644 --- a/doc/builtin_functions_status.md +++ b/doc/builtin_functions_status.md @@ -9,7 +9,7 @@ included in the notes column. ### Lists | Name | Complete | Notes | -| ------------ | -------- | ------------------------- | +|--------------|----------|---------------------------| | `length` | ✓ | | | `setadd` | ✓ | | | `setremove` | ✓ | | @@ -26,22 +26,23 @@ included in the notes column. ### Strings -| Name | Complete | Notes | -| --------------- | -------- | ------------------------------------------------------------------------------ | -| `tostr` | ✓ | | -| `toliteral` | ✓ | | -| `crypt` | ✓ | Pretty damned insecure, only here to support existing core password functions. | -| `index` | ✓ | | -| `rindex` | ✓ | | -| `strcmp` | ✓ | | -| `strsub` | ✓ | | -| `argon2` | ✓ | Same signature as function in ToastSunt | -| `arong2_verify` | ✓ | Same signature as function in ToastSunt | +| Name | Complete | Notes | +|-----------------|----------|------------------------------------------------------------------------------------------------------| +| `tostr` | ✓ | | +| `toliteral` | ✓ | | +| `crypt` | ✓ | Pretty damned insecure, only here to support existing core password functions. | +| `index` | ✓ | | +| `rindex` | ✓ | | +| `strcmp` | ✓ | | +| `strsub` | ✓ | | +| `argon2` | ✓ | Same signature as function in ToastSunt | +| `arong2_verify` | ✓ | Same signature as function in ToastSunt | +| `salt` | ✓ | Generate a random crypto-secure salt for password. Not compatible with toast's function of same name | ### Numbers | Name | Complete | Notes | -| ---------- | -------- | ----- | +|------------|----------|-------| | `toint` | ✓ | | | `tonum` | ✓ | | | `tofloat` | ✓ | | @@ -72,7 +73,7 @@ included in the notes column. ### Objects | Name | Complete | Notes | -| ----------------- | -------- | ---------------------------------- | +|-------------------|----------|------------------------------------| | `toobj` | ✓ | | | `typeof` | ✓ | | | `create` | ✓ | Quota support not implemented yet. | @@ -90,7 +91,7 @@ included in the notes column. ### Properties | Name | Complete | Notes | -| ------------------- | -------- | ----- | +|---------------------|----------|-------| | `properties` | ✓ | | | `property_info` | ✓ | | | `set_property_info` | ✓ | | @@ -102,7 +103,7 @@ included in the notes column. ### Verbs | Name | Complete | Notes | -| --------------- | -------- | ------------------------------------- | +|-----------------|----------|---------------------------------------| | `verbs` | ✓ | | | `verb_info` | ✓ | | | `set_verb_info` | ✓ | | @@ -118,7 +119,7 @@ included in the notes column. ### Values / encoding | Name | Complete | Notes | -| --------------- | -------- | ---------------------------------------------------------------------------------- | +|-----------------|----------|------------------------------------------------------------------------------------| | `value_bytes` | ✓ | | | `value_hash` | | | | `string_hash` | ✓ | | @@ -130,7 +131,7 @@ included in the notes column. ### Server | Name | Complete | Notes | -| --------------------- | -------- | ------------------------------------------------------------------------ | +|-----------------------|----------|--------------------------------------------------------------------------| | `server_version` | ✓ | Crate version + short commit hash, for now | | `renumber` | | | | `reset_max_object` | | | @@ -152,7 +153,7 @@ included in the notes column. ### Tasks | Name | Complete | Notes | -| -------------- | -------- | ----- | +|----------------|----------|-------| | `task_id` | ✓ | | | `queued_tasks` | ✓ | | | `kill_task` | ✓ | | @@ -164,7 +165,7 @@ included in the notes column. ### Execution | Name | Complete | Notes | -| ---------------- | -------- | ------------ | +|------------------|----------|--------------| | `call_function` | ✓ | | | `raise` | ✓ | | | `suspend` | ✓ | | @@ -179,7 +180,7 @@ included in the notes column. ### Network connections | Name | Complete | Notes | -| ------------------------- | -------- | ---------------------------------------------------------------------------------------------------- | +|---------------------------|----------|------------------------------------------------------------------------------------------------------| | `set_connection_option` | | | | `connection_option` | | | | `connection_options` | | | @@ -197,6 +198,6 @@ Functions not part of the original LambdaMOO, but added in moor ### XML / HTML content management | Name | Description | Notes | -| ----------- | ---------------------------------------------------------------- | ----------------------------------------------------- | +|-------------|------------------------------------------------------------------|-------------------------------------------------------| | `xml_parse` | Parse a string c ntaining XML into a tree of flyweight objects | Available only if the flyweights feature is turned on | | `to_xml` | Convert a tree of flyweight objects into a string containing XML | Available only if the flyweights feature is turned on |